Enable filters 0x49 and 0x46 for win32/pe. This needs some more testing.

src/p_w32pe.cpp

@@ -142,7 +142,8 @@ const int *PackW32Pe::getCompressionMethods(int method, int level) const
 const int *PackW32Pe::getFilters() const
 {
     static const int filters[] = {
-        0x26, 0x24, 0x16, 0x13, 0x14, 0x11, FT_ULTRA_BRUTE, 0x25, 0x15, 0x12,
+        0x26, 0x24, 0x49, 0x46, 0x16, 0x13, 0x14, 0x11,
+        FT_ULTRA_BRUTE, 0x25, 0x15, 0x12,
     FT_END };
     return filters;
 }
@@ -893,6 +894,9 @@ void PackW32Pe::pack(OutputFile *fo)
 
     defineFilterSymbols(linker, &ft);
     linker->defineSymbol("filter_buffer_start", ih.codebase - rvamin);
+    if (0x40==(0xf0 & ft.id)) {
+        linker->defineSymbol("filter_length", ft.buf_len); // redefine
+    }
     defineDecompressorSymbols();
 
     // in case of overlapping decompression, this hack is needed,
@@ -910,6 +914,7 @@ void PackW32Pe::pack(OutputFile *fo)
     linker->defineSymbol("start_of_compressed", esi0 + ih.imagebase);
 
     linker->defineSymbol(isdll ? "PEISDLL1" : "PEMAIN01", upxsection);
+    //linker->dumpSymbols();
     relocateLoader();
 
     const unsigned lsize = getLoaderSize();

src/stub/src/arch/i386/macros.S

@@ -153,9 +153,9 @@ section         CALLTR02
                 sub     eax, edi
                 sub     bl, 0xE8
 
-                .ifnc   \addvalue, 0
+        .ifnc   \addvalue, 0
                 add     eax, \addvalue
-                .endif
+        .endif
 
                 mov     [edi], eax
                 add     edi, 5
@@ -203,9 +203,11 @@ ctend:
 .macro          cit32   addvalue
 section         CALLTR00
                 mov     ecx, offset filter_length
-                .ifnc   \addvalue, 0
+        .ifnc   \addvalue, 0
+        .ifnc   \addvalue, esi
                 mov     esi, \addvalue
-                .endif
+        .endif
+        .endif
 calltrickloop:
                 mov     al, [edi]
                 inc     edi
@@ -230,9 +232,9 @@ section         CALLTR02
                 sub     eax, edi
                 sub     bl, 0xE8
 
-                .ifnc   \addvalue, 0
+        .ifnc   \addvalue, 0
                 add     eax, esi
-                .endif
+        .endif
 
                 mov     [edi], eax
                 add     edi, 5
@@ -267,9 +269,9 @@ section         CTBSWA11
 section         CALLTR13
                 sub     eax, edi
 
-                .ifnc   \addvalue, 0
+        .ifnc   \addvalue, 0
                 add     eax, esi
-                .endif
+        .endif
 
                 stosd
                 jmps    ctloop1
@@ -289,7 +291,9 @@ ctend:
 
 section         ctok32.00
         .ifnc   \addvalue, 0
+        .ifnc   \addvalue, esi
                 mov     esi, \addvalue
+        .endif
         .endif
                 jmps    ckstart
 ckloop3:

src/stub/src/i386-win32.pe.S

@@ -75,9 +75,13 @@ section         PECTTPOS
                 lea     edi, [esi + filter_buffer_start]
 section         PECTTNUL
                 mov     edi, esi
-// section      PEDUMMY0
+
                 cjt32   esi
 
+section         ctok32.00
+                mov     ecx, offset filter_length
+                ctok32  esi, (offset filter_cto)
+
 // =============
 // ============= IMPORTS
 // =============

src/stub/tmp/i386-win32.pe.bin.dump

@@ -91,31 +91,36 @@ Idx Name          Size      VMA       LMA       File off  Algn  Flags
  86 CTBROR11      00000002  00000000  00000000  00001955  2**0  CONTENTS, READONLY
  87 CTBSWA11      00000005  00000000  00000000  00001957  2**0  CONTENTS, READONLY
  88 CALLTR13      00000007  00000000  00000000  0000195c  2**0  CONTENTS, RELOC, READONLY
- 89 PEIMPORT      0000002c  00000000  00000000  00001963  2**0  CONTENTS, RELOC, READONLY
- 90 PEIBYORD      00000002  00000000  00000000  0000198f  2**0  CONTENTS, RELOC, READONLY
- 91 PEK32ORD      00000010  00000000  00000000  00001991  2**0  CONTENTS, RELOC, READONLY
- 92 PEIMORD1      00000007  00000000  00000000  000019a1  2**0  CONTENTS, READONLY
- 93 PEIMPOR2      00000016  00000000  00000000  000019a8  2**0  CONTENTS, RELOC, READONLY
- 94 PEIERDLL      00000006  00000000  00000000  000019be  2**0  CONTENTS, READONLY
- 95 PEIEREXE      00000006  00000000  00000000  000019c4  2**0  CONTENTS, RELOC, READONLY
- 96 PEIMDONE      00000000  00000000  00000000  000019ca  2**0  CONTENTS, READONLY
- 97 PERELOC1      00000006  00000000  00000000  000019ca  2**0  CONTENTS, RELOC, READONLY
- 98 PERELOC2      00000003  00000000  00000000  000019d0  2**0  CONTENTS, READONLY
- 99 PERELOC3      00000003  00000000  00000000  000019d3  2**0  CONTENTS, READONLY
-100 RELOC320      00000029  00000000  00000000  000019d6  2**0  CONTENTS, RELOC, READONLY
-101 REL32BIG      00000009  00000000  00000000  000019ff  2**0  CONTENTS, RELOC, READONLY
-102 RELOC32J      00000002  00000000  00000000  00001a08  2**0  CONTENTS, RELOC, READONLY
-103 REL32END      00000000  00000000  00000000  00001a0a  2**0  CONTENTS, READONLY
-104 PERLOHI0      00000008  00000000  00000000  00001a0a  2**0  CONTENTS, RELOC, READONLY
-105 PERELLO0      0000000a  00000000  00000000  00001a12  2**0  CONTENTS, READONLY
-106 PERELHI0      0000000d  00000000  00000000  00001a1c  2**0  CONTENTS, READONLY
-107 PEDEPHAK      0000002f  00000000  00000000  00001a29  2**0  CONTENTS, RELOC, READONLY
-108 PEMAIN20      00000001  00000000  00000000  00001a58  2**0  CONTENTS, READONLY
-109 CLEARSTACK    0000000d  00000000  00000000  00001a59  2**0  CONTENTS, READONLY
-110 PEMAIN21      00000000  00000000  00000000  00001a66  2**0  CONTENTS, READONLY
-111 PERETURN      00000006  00000000  00000000  00001a66  2**0  CONTENTS, READONLY
-112 PEDOJUMP      00000005  00000000  00000000  00001a6c  2**0  CONTENTS, RELOC, READONLY
-113 UPX1HEAD      00000020  00000000  00000000  00001a71  2**0  CONTENTS, READONLY
+ 89 ctok32.00     0000000c  00000000  00000000  00001963  2**0  CONTENTS, RELOC, READONLY
+ 90 ctok32.10     0000000e  00000000  00000000  0000196f  2**0  CONTENTS, RELOC, READONLY
+ 91 ctok32.20     00000022  00000000  00000000  0000197d  2**0  CONTENTS, RELOC, READONLY
+ 92 ctok32.30     00000007  00000000  00000000  0000199f  2**0  CONTENTS, RELOC, READONLY
+ 93 ctok32.40     00000005  00000000  00000000  000019a6  2**0  CONTENTS, RELOC, READONLY
+ 94 PEIMPORT      0000002c  00000000  00000000  000019ab  2**0  CONTENTS, RELOC, READONLY
+ 95 PEIBYORD      00000002  00000000  00000000  000019d7  2**0  CONTENTS, RELOC, READONLY
+ 96 PEK32ORD      00000010  00000000  00000000  000019d9  2**0  CONTENTS, RELOC, READONLY
+ 97 PEIMORD1      00000007  00000000  00000000  000019e9  2**0  CONTENTS, READONLY
+ 98 PEIMPOR2      00000016  00000000  00000000  000019f0  2**0  CONTENTS, RELOC, READONLY
+ 99 PEIERDLL      00000006  00000000  00000000  00001a06  2**0  CONTENTS, READONLY
+100 PEIEREXE      00000006  00000000  00000000  00001a0c  2**0  CONTENTS, RELOC, READONLY
+101 PEIMDONE      00000000  00000000  00000000  00001a12  2**0  CONTENTS, READONLY
+102 PERELOC1      00000006  00000000  00000000  00001a12  2**0  CONTENTS, RELOC, READONLY
+103 PERELOC2      00000003  00000000  00000000  00001a18  2**0  CONTENTS, READONLY
+104 PERELOC3      00000003  00000000  00000000  00001a1b  2**0  CONTENTS, READONLY
+105 RELOC320      00000029  00000000  00000000  00001a1e  2**0  CONTENTS, RELOC, READONLY
+106 REL32BIG      00000009  00000000  00000000  00001a47  2**0  CONTENTS, RELOC, READONLY
+107 RELOC32J      00000002  00000000  00000000  00001a50  2**0  CONTENTS, RELOC, READONLY
+108 REL32END      00000000  00000000  00000000  00001a52  2**0  CONTENTS, READONLY
+109 PERLOHI0      00000008  00000000  00000000  00001a52  2**0  CONTENTS, RELOC, READONLY
+110 PERELLO0      0000000a  00000000  00000000  00001a5a  2**0  CONTENTS, READONLY
+111 PERELHI0      0000000d  00000000  00000000  00001a64  2**0  CONTENTS, READONLY
+112 PEDEPHAK      0000002f  00000000  00000000  00001a71  2**0  CONTENTS, RELOC, READONLY
+113 PEMAIN20      00000001  00000000  00000000  00001aa0  2**0  CONTENTS, READONLY
+114 CLEARSTACK    0000000d  00000000  00000000  00001aa1  2**0  CONTENTS, READONLY
+115 PEMAIN21      00000000  00000000  00000000  00001aae  2**0  CONTENTS, READONLY
+116 PERETURN      00000006  00000000  00000000  00001aae  2**0  CONTENTS, READONLY
+117 PEDOJUMP      00000005  00000000  00000000  00001ab4  2**0  CONTENTS, RELOC, READONLY
+118 UPX1HEAD      00000020  00000000  00000000  00001ab9  2**0  CONTENTS, READONLY
 SYMBOL TABLE:
 00000000 l    d  N2BSMA10	00000000 N2BSMA10
 00000000 l    d  N2BFAS11	00000000 N2BFAS11
@@ -145,6 +150,10 @@ SYMBOL TABLE:
 00000000 l    d  CALLTR10	00000000 CALLTR10
 00000000 l    d  CALLTR11	00000000 CALLTR11
 00000000 l    d  CALLTR13	00000000 CALLTR13
+00000000 l    d  ctok32.00	00000000 ctok32.00
+00000000 l    d  ctok32.10	00000000 ctok32.10
+00000000 l    d  ctok32.20	00000000 ctok32.20
+00000000 l    d  ctok32.40	00000000 ctok32.40
 00000000 l    d  PEIMPORT	00000000 PEIMPORT
 00000000 l    d  PEIMORD1	00000000 PEIMORD1
 00000000 l    d  PEIMPOR2	00000000 PEIMPOR2
@@ -213,6 +222,7 @@ SYMBOL TABLE:
 00000000 l    d  CTBSHR11	00000000 CTBSHR11
 00000000 l    d  CTBROR11	00000000 CTBROR11
 00000000 l    d  CTBSWA11	00000000 CTBSWA11
+00000000 l    d  ctok32.30	00000000 ctok32.30
 00000000 l    d  PEIBYORD	00000000 PEIBYORD
 00000000 l    d  PEK32ORD	00000000 PEK32ORD
 00000000 l    d  PEIERDLL	00000000 PEIERDLL
@@ -480,6 +490,29 @@ RELOCATION RECORDS FOR [CALLTR13]:
 OFFSET   TYPE              VALUE
 00000006 R_386_PC8         CALLTR10
 
+RELOCATION RECORDS FOR [ctok32.00]:
+OFFSET   TYPE              VALUE
+00000001 R_386_32          filter_length
+00000006 R_386_PC8         ctok32.20
+
+RELOCATION RECORDS FOR [ctok32.10]:
+OFFSET   TYPE              VALUE
+0000000d R_386_PC8         ctok32.20
+
+RELOCATION RECORDS FOR [ctok32.20]:
+OFFSET   TYPE              VALUE
+00000005 R_386_PC8         ctok32.40
+00000008 R_386_8           filter_cto
+0000000a R_386_PC8         ctok32.40
+
+RELOCATION RECORDS FOR [ctok32.30]:
+OFFSET   TYPE              VALUE
+00000006 R_386_PC8         ctok32.10
+
+RELOCATION RECORDS FOR [ctok32.40]:
+OFFSET   TYPE              VALUE
+00000004 R_386_PC8         ctok32.00
+
 RELOCATION RECORDS FOR [PEIMPORT]:
 OFFSET   TYPE              VALUE
 00000002 R_386_32          compressed_imports